As I am working now with windows registries .. I always find the following patterns .. a registry which contains two brackets {} with numbers and letters in between, you can see some examples below:
HKEY_CLASSES_ROOTDriveshellexFolderExtensions{fbeb8a05-beee-4442-804e-409d6c4515e9}
HKEY_CLASSES_ROOTCLSID{00BB2763-6A77-11D0-A535-00C04FD7D062}InProcServer32
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerMountPoints2CPCVolume{64dcb6fa-03c9-11e6-9e9f-806d6172696f}
Can anyone help me in understanding what does these refer to ? are they generated randomly?
I also tried to parse each registry key and remove whatever between the brackets {} .. as a start, I know this can be done with regular expression but I am really not familiar with them .. any guidance appreciated.
Aucun commentaire:
Enregistrer un commentaire